<?php
$allowedExts = array("jpg", "jpeg", "gif", "png");
$extension = end(explode(".", $_FILES["file"]["name"]));
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& ($_FILES["file"]["size"] < 500000) //0.5MB
&& in_array($extension, $allowedExts))
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
    }
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br>";
    echo "Type: " . $_FILES["file"]["type"] . "<br>";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
    echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";

    if (file_exists("upload/" . $_FILES["file"]["name"]))
      {
      echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
      move_uploaded_file($_FILES["file"]["tmp_name"],
      "upload/" . $_FILES["file"]["name"]);
      echo "Stored in: " . "upload/" . $_FILES["file"]["name"];
      }
    }
  }
else
  {
  echo "Invalid file";
  }


$username="root";
$password="";
$database="ticket";

$nome=$_POST['nome'];
$cognome=$_POST['cognome'];
$eta=$_POST['eta'];

mysql_connect(localhost,$username,$password);

@mysql_select_db($database)
   or die( "Impossibile selezionare il database.");

$query = "INSERT INTO ticket VALUES('','$nome','$cognome','$eta', '')";

mysql_query($query) or die( "Errore nella query. Query non eseguita");
mysql_close();
?>
<meta HTTP-EQUIV="REFRESH" content="0; url=admin.php">
<a href="admin.php">Vai</a>